Hackers Stole Restricted F-35 Data From an Australian Contractor

Australian and U.S. officials confirmed this week that an unnamed Australian defense firm involved in developing the F-35 fighter jet was hacked in November of 2016. The attackers, who may have been Chinese, stole large amounts of data on the F-35 and other vehicles and munitions.

A spokesman for the F-35 program told Defense News that the breach did not compromise any classified data. However, the data has been described by Australian authorities as commercially sensitive, and as including detailed schematics.

According to ZDNet, which first spotted the revelations in an Australian government report, the compromised data was restricted under the International Traffic in Arms Regulation, which controls the export of military technology from the U.S.

Australian officials have not identified a culprit, but the attack was carried out, in part, using a hacking tool known as “China Chopper.” According to Ars Technica, the tool has been used extensively by Chinese hackers in the past.

The theft of defense schematics by the Chinese government or allied forces would fit a disturbing pattern. According to documents released by NSA whistleblower Edward Snowden in 2015, Chinese hackers have already compromised top secret data on the F-35. Experts allege that information has informed the design of Chinese fighter jets including the Chengdu J-20 and the Shenyang J-31 Falcon Hawk.

According to ZDNet, the hackers faced few challenges in accessing the Australian defense contractor’s system. The company was small, with a one-person IT department and lackluster security measures. The attacker reportedly had access to the company’s network for at least three months.